c18f6ad630540931b50291799cfb53fd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c18f6ad630540931b50291799cfb53fd_JaffaCakes118
Size

17KB
MD5

c18f6ad630540931b50291799cfb53fd
SHA1

6396323227f19a41759c76b1db1b580ea01713fd
SHA256

0d8c942b893a75eb812a21678c158520bc0f9788ad4e4e489efdbbfce2852152
SHA512

236903c1c88608afad88d9c9fc6fcf8b773163550e1501df17b004634c05124fb0b25062bf0f1ac10649b8f510f3ecd230c0540038ab615e7fe48cdac0c3912a
SSDEEP

192:qT8nRcvvh7JAhslRjzqqxMNSQcoL9r2JH/u24V+3oHvHE5xi52iSdfaTzwR:3C/lRjz1MBZ9iJH2Xk3ofE3ioVUk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c18f6ad630540931b50291799cfb53fd_JaffaCakes118

Files

c18f6ad630540931b50291799cfb53fd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

784e9527e3c0f2991121c56ee22efeef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
LoadLibraryExA
FileTimeToLocalFileTime
InterlockedExchange
SetErrorMode
SetConsoleOutputCP
GlobalFree
LockResource
GetACP
VirtualProtect
Sleep
GetLastError
CloseHandle
GetStdHandle
HeapCreate
GlobalDeleteAtom
GetLocaleInfoA
GlobalAddAtomA
IsBadReadPtr
RaiseException
EnterCriticalSection

user32

GetWindowTextA
GetCursorPos
ValidateRect
ShowWindow
BeginPaint
ClipCursor
GetMenuItemInfoA
IsIconic
DrawTextA
wsprintfA
ReleaseDC
EndPaint
GetWindow
SetForegroundWindow
GetActiveWindow
DrawEdge
GetParent
GetFocus
GetClassNameA

httpapi

HttpCreateHttpHandle
HttpRemoveUrl
HttpTerminate
HttpAddUrl
HttpInitialize

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ